Four steps to security
ASSESSMENT
DAJ SIĘ OCENIĆ
PLANNING
PROJEKT DLA CIEBIE
MAINTENANCE
POMOŻEMY CI
IMPLEMENTATION
ZROBIMY TO ZA CIEBIE
Our Partners
secure remote access for ICS and USB data exchange security
creating a secure IT and OT environment
traffic monitoring and vulnerability detection in the OT environment
security incident management systems
DDoS testing and protection
security incident management systems
News
Defense in Depth strategies – Part 8 – Host Security
07.12.2022
Host Security The key concept of Defense in Depth is the fact that there are multiple layers of security implemented throughout the system. And so, after protecting the devices within the OT network from an outside attack with the use of policies, zones and firewalls, the next layer of security is applied directly to the hosts within the OT environment by: Installing and configuring a host-based firewall Implementing a rigorous password policy: Replacement of all default passwords Strong passwords Enforced password change on a pre-defined schedule (every 30 to 90 days) Installing screen savers with short intervals and with a password required to log in where possible Installing and keeping operating systems and hardware firmware patched up to date Configuring and monitoring logs on the device Disabling unused or unnecessary services and accounts Replacing insecure services (telnet, RSH, rlogin) with more secure alternatives Restricting access to services that one cannot disable (where possible) Making and testing backups of the system in a consistent manner if not centrally controlled Securing laptops and other portable and mobile devices not continuously connected to the network Patch and Vulnerability Management Applying patches to ICS components can interfere with the ICS function.
More
Bring Your Own Device Security Strategies – Part 4
06.12.2022
Additional costs, implications, and best practices of BYOD The implementation of BYOD introduces new variables in the organisational, legal, and cost domains of the enterprise. Additional costs Allowing the employees to use their own devices will increase the variety of hardware and software combinations which will in return entail increase support costs. More different types of devices More different operating systems that need patching and be kept up to date Responding to security incidents related to an increased variety of devices and operating systems Repairs The enterprise must decide how it will handle the issue of repairs of BYOD devices should the need arise.
More
Defense in Depth strategies – Part 7 – Security Architectures
30.11.2022
Security Architectures Once an organization has designed and implemented a robust network architecture, they have established the security architecture for the network and systems. The security architecture includes the specific controls and their strategic placement within the network or systems to establish layers of security—Defense in Depth. Security controls must be applied at the network, system, application, and physical layers to provide information assurance. The security controls include: policy and security management, application security, data security, platform security, network and perimeter security, physical security, and user security.
More
Bring Your Own Device Security Strategies – Part 3
29.11.2022
Developing BYOD policy Having established BYOD objectives, user needs, and the level of risk an enterprise is willing to take, the next step is developing the policy. A policy is essential to outline the responsibilities of the enterprise and its employees in regard of BYOD. Policy Goals The policy should cover the following areas: Define the scope of tasks employees will be allowed to perform from their devices. Define the tasks employees will not be permitted to perform from their devices.
More